February 22, 2011

For most multinational organizations the UK Bribery Act has caused a great deal of concern. Not totally dissimilar from the Foreign Corrupt Practices Act, it does have some unique differences such as disallowing facilitation payments and much broader jurisdictional reach. Organizations have accelerated their preparations only to be kept waiting for the official guidelines to be issued by the UK Serious Fraud Office. On February 2, 2011, the Serious Fraud Office announced that the twice delayed April 2011 effective date would now be sometime this “autumn.” This begs the question, why are we still waiting?

Do our colleagues across the pond really need help putting together the guidelines around defining bribery? Or establishing adequate procedures to mitigate bribery and corruption? Riddle me this…we are talking about a concept that is as old as Judas, and the US has been refining the Foreign Corrupt Practices Act (FCPA) for over thirty years! With an active FCPA “template” that has levied fines in the billions of dollars the past three years, developing the UK’s regulatory guidelines around bribery and corruption should not be this arduous. But do they really need the FCPA? The UK signed the anti-bribery convention – and has its language – in accordance with OECD more than 10 years ago. In my mind, there is no technical reason why the UK is having trouble developing a bribery policy.

But observers protest that is only half the problem– what about the defining the guardrails for adequacy in mitigation and potential injunctive relief? No good template you say? Au contraire! The US Sentencing Guidelines – and specifically Chapter 8 of the guidelines – have been around since 1991 and were revised again last year. So what is the hold up?

I could be a bit of an ugly American here and suggest that the Brits are simply distracted from the task and more consumed with high tea, Manchester United’s march to the EPL Championship, or preparing diligently for the Chelsea Flower Show than getting the Act fully promulgated. But my jest aside, this problem is completely political.

The reality is the change in government after the recent election and aggressive lobbying from UK business have created this delay. I have the utmost respect for Vivian Robinson, the General Counsel for the SFO. Robinson is bright, engaged and dedicated to the task. He knows what to do, but he must gain consensus in the UK government before announcing the guidelines. I will be moderating a panel in London the end of March where Robinson will be sharing his views. I sincerely look forward to learning from him and sharing with you after our meeting.

So let me turn the tables. What is keeping corporations who do business in England, Ireland and Scotland from taking appropriate steps to mitigate their impending risk? Multinational companies who contend with FCPA are already 95% compliant. Most do a good job of defining appropriate facilitation payments and controlling them. All indications are that the SFO will be logical with their view to these payments. But what is keeping the rest of these companies doing business in the region, especially the ones who comprise the “extended enterprise” of most multinationals, sitting on the sideline?

The writing on the wall is clear, but it seems that unfortunately we continue to confuse good business practice with regulatory requirement. Mitigation of bribery and corruption is good for business and good for the global economy. So, in my opinion, it is time to do what is right – even without a looming legal mandate.

February 1, 2011

As many of you operating globally know, the laws and regulations in differing countries can prove tricky to navigate. There have been changes recently in the way an organization can operate whistleblower hotlines in France that will be of interest to our multinational clients. In October 2010, the Commission nationale de l'informatique et des libertés (or CNIL), the French data privacy regulatory body, amended the “single authorization” method for whistleblower hotlines. The amendments included both a clarification and broadening of the scope of acceptable issues organizations can receive through the hotline and still be in compliance with the single authorization.

The October amendments removed the ability to capture issues of “vital interests [to] the company or moral or physical integrity of the employees.” However, the CNIL did broaden the scope of reportable issue types to include issues related to anti-competition practices, Sarbanes-Oxley and Japanese SOX. Accordingly, the CNIL clarified that the single authorization method will allow reporting on all of the following: finance/accounting, banking, fight against corruption, anti-competitive practices and compliance with Section 301(4) of the Sarbanes-Oxley Act and the Japanese Financial Instruments and Exchange Act.

An organization has six (6) months (beginning December 8, 2010) to modify their system to be in line with these new single authorization rules, or apply for formal consideration of their hotline through the CNIL. Operation of a whistleblower hotline outside the scope of the single authorization or without formal approval from the CNIL on a broader scope, puts organizations at risk for criminal sanctions and hefty fines. These criminal sanctions and fines may be issued by the CNIL and the French courts have the authority, in civil litigation, to multiply these sanctions up to 5 times.

For more information, please see the following from the IAPP (requires membership in IAPP to access). Or this article from the Global Regulatory Enforcement Law Blog.